Follow these steps to quickly set up OpenID for your Genero
Application Server and Genero Web Client applications.
Preparation
Before using OpenID with the
Genero Application Server, you must perform following steps:
- Create one or more OpenID users using an OpenID provider.
- If your GAS is located behind a proxy, configure the proxy in
the OpenID fglprofile, located in $FGLDIR/web_utilities/services/openid/res.
Uncomment and set values for the entry proxy.http.location.
- Start your dispatcher (if needed).
Add OpenID SSO to a Genero Web Client application
Do
the following steps to add OpenID SSO to a Genero Web Client application:
- Add the DELEGATE tag to all Genero Web Client
applications requiring SSO.
<APPLICATION Parent="defaultgwc">
<EXECUTION>
<PATH>$(res.path.mypath)/myapplication</PATH>
<MODULE>myapp.42r</MODULE>
<DELEGATE service="services/OpenIDServiceProvider" />
</EXECUTION>
</APPLICATION>
- Add a PROVIDER tag to indicate which identity
provider to use for the application.
<APPLICATION Parent="defaultgwc">
<EXECUTION>
<PATH>$(res.path.mypath)/myapplication</PATH>
<MODULE>myapp.42r</MODULE>
<DELEGATE service="services/OpenIDServiceProvider">
<PROVIDER>google.com</PROVIDER>
</DELEGATE>
</EXECUTION>
</APPLICATION>
If a provider is not defined,
a page with the list of available ID providers is displayed.
Execute a Genero Web Client application with SSO
To
run your Genero Web Client application:
- Start your browser and enter the application URL.
You are prompted
to enter your openid.
- Click the signin button.
Your browser
is redirected to the OpenID provider.
- Enter your credentials.
If your credentials are valid, your
browser is redirected to the Genero Web Client application. The application
starts and runs as the entered OpenID user.
The next time you
start the same application - or any application delivered by the same
Genero Application Server - you will not be prompted for your credentials.
The application will start (and be authenticated for) the same SAML
user.
Tip: Read all of the OpenID topics in the Genero
Application Server User Guide for details on features provided by
OpenID SSO support in the Genero Application Server, to include attributes
gathering or authorization control.